The website,  is published by Osteorama Int. Ltd's Company, hereinafter referred to as the “data controller”.



This section is dedicated to our privacy policy. It allows you to know more about your rights as well as the origin and use of browsing information processed when you visit our website. This policy is therefore important for you, to have a positive and confident experience of our services and for us, who wish to respond in the most efficient manner possible regarding use of our website, taking into account your wishes.


The data controller protects the privacy of its users by complying with the legislation in force. When consulting our site, information relating to the navigation of your device on our site, may be recorded by programmes, including files known as “cookies” installed on your device, subject to the choices you have expressed and that you can change at any time.


This section details how the controller uses your personal data and informs you of the measures taken to ensure the protection of your personal data in connection with the use of the site, in accordance with the provisions of the Data Protection Act of 6 January 1978 (amended August 6, 2004).



The controller may collect your personal data, through the "contact" or "my account" section or through a newsletter subscription. “Personal data" refers to personal information that you voluntarily provide by filling out a form on the site, or that the data controller collects when you browse on the website, which allows to identify you, directly or indirectly.


Personal data thus includes individual-related data (such as your name, contact details, photographs that you send) and electronic identification data available on or from your device (such as "cookies" or "IP addresses") . We specify that the electronic identification data can identify your terminal or pages viewed on the site and are generally insufficient to personally identify you. When you voluntarily provide personal data about yourself, especially when it comes to multimedia content (photographs, videos, etc.), you agree to provide accurate information that is not prejudicial to the interests or rights of third parties.


In accordance with Article 32 of the Data Protection Act of 6 January 1978, the information required to process orders is indicated by an asterisk on the site. The other requested information, for which the answer is optional, is intended to get to know you better and thus to improve the services offered to you.



Identity: title, surname, first name(s), delivery and billing addresses, post code, city, country, landline and/or mobile number, email addresses, date of birth, company, internal processing code allowing identification of the client, copy of identity (may be retained to prove right of access, rectification or opposition or to fulfill a legal obligation); Data relating to means of payment for fraud prevention: bank that issued the payment card, type of card, partial card number, cardholder, expiry date; such data does not allow us to retrace the card number of the client.

Transaction data: transaction number, data and amount of the transaction, details of the purchase.

Data relating to monitoring of business relationship: products purchased, quantity, amount, delivery and billing addresses, purchase history, return of products, correspondence with customer service, exchanges and feedback from customers and prospects.

Data necessary for completion of marketing actions such as the newsletter, customer loyalty, prospecting, research, sponsorship, surveys or commercial promotion.

Data relating to the organisation and handling of competitions and any promotions: participation date, answers given, type of offers given;

Data relating to clients who submit reviews on products, services or content, including his/her pseudonym.


On the occasion of the consultation of a website, a website editor, such as the controller, may be required to file a "cookie" on your device through your browser software. These cookies do not identify you but record information about the navigation of your device on our site (the pages you have viewed, date and time of use, language settings, connection period, etc.). During its validity or registration, this cookie will allow the controller to identify your device during your next visits, in order to facilitate your navigation and offer you a personalized browsing experience.


Partners or service providers of the data controller, or third-party companies, may also be required, subject to your choice, to place "third-party" cookies on your device. The duration of the storage of this information on your device by the controller is 13 months.


We draw your attention to the fact that sharing the use of your device with other people may change the personalised nature of the action of cookies.


Functionality cookies:

Functionality cookies are essential to navigation, allowing you to use the main features of the site such as managing your basket or maintaining your identification, whilst the presentation of our website adapts to display your preferences on your device, to manage and securely access your personal space or secure your transactions. These cookies are essential to browsing our site, including putting an order through. Removing them can cause problems navigating on our site as well as being unable to place orders

Personalised cookies:

They allow you to visit the site in a personalised way, according to your previous visits, purchases, etc. You can quickly find the offers that suit you best

Advertising cookies:

These are the cookies used to present advertisements or to send you information adapted to your interests both on our site and when you browse on the Internet. They are used to limit the number of times you see an advertisement and help measure the effectiveness of an advertising campaign.

The refusal of these advertising cookies has no impact on the use of our site. However, refusing advertising cookies will not stop advertising on our site or on the Internet, it will only have the effect of displaying an advertisement that does not take into account your interests or your preferences.

These cookies are mainly third-party cookies submitted by partners or advertising agencies

Analytical cookies and audience measurement:

These are cookies that make it possible to better understand the use (for example, the pages most often consulted) and the performance of the site in order to improve its functioning. These cookies may be installed on your computer by the controller or by its providers and audience measurement partners. These cookies are not essential for browsing but make it easier to search, optimise the purchasing experience, better target customer expectations, improve offers, or optimise the operation of the Internet site


Settings for managing cookies

If you do not want the controller to deposit all or some cookies, you can tell us your preferences by clicking on the button below.


Managing cookies

Internet browser settings

You may at any time choose to disable or change these cookies via the Help section of your browser toolbar.


Your browser can be set to notify you of cookies that are stored on your computer and ask you to accept them or not. You can accept or refuse cookies on a case-by-case basis or refuse them systematically once and for all.


Warning, it is possible that this configuration of your browser may prevent you from accessing certain content or disrupt your navigation and the services you expect from our site. If necessary, we do not accept any liability for the consequences related to the degraded behavior of our site resulting from the impossibility of using the cookies necessary for its operation. If your browser is configured to refuse all cookies, you will not be able to make purchases or take advantage of essential features of our site, such as storing items in your basket or receiving personalised recommendations.


In order to manage cookies as close as possible to your expectations, we invite you to set your browser settings taking into account the purpose of cookies as mentioned above. The settings of each browser is different. It is described in the help menu of your browser, which will allow you to personalise your cookie settings. It tells you how to refuse new cookies or get a message that tells you how they are received or how to disable cookies either systematically or according to their issuer. You can also delete cookies manually.


You can disable cookies by following the instructions as follows:


Internet Explorer™ : Link

Safari™ : Link

Chrome™ : Link

Firefox™ : Link

Opera™ : Link

To find out more about handling cookies, go to and click ‘COOKIES MANAGEMENT’ top right



The information you provide on the site allows the controller to:


Deal with your questions or requests for information

Send you the newsletter if you subscribe

Inform you about products, offers and events

Help you to benefit from competitions

Help you to participate in surveys, like satisfaction surveys

Send you, subject to your consent, advertising or commercial messages

Your data is subject to computer processing allowing the management of the customer relationship, including payment and order tracking, delivery, billing, management of your customer account and our loyalty programs and sponsorship, management complaints to the customer service, management of the opinions on the products, services or contents, as well as the management of the requests of right of access, rectification and opposition. They can also be used by the partner companies for the purposes of statistical studies, quality monitoring of our service and, subject to your prior agreement, commercial prospection.


The data collected on this site is intended for the exclusive use of the controller. We do not sell, trade, or transfer your personally identifiable information to third parties. This does not include trusted third parties who help us operate our website, as long as these parties agree to keep this information confidential.


The controller does not transmit your personal data to a third party unless:


the data controller has to share this information with its distributors, service providers and in particular its technical service providers to provide you with the service you have requested (for example sending the newsletter)

the controller receives the request from a judicial authority or from any administrative authority empowered by law to request the disclosure of such information in accordance with the applicable legislation

The data controller tries to ensure the confidentiality and security of the personal data collected during their transmission to the aforementioned persons.



Only authorised personnel from the commercial, customer, logistics and IT departments (and their line managers) can access your personal data. The authorised staff of the subcontractors may also have access to it provided that the contract signed between the subcontractors and the controller mentions the obligations regarding the protection of the security and confidentiality of the data (Article 35 of the Law of 6 January 1978 as amended) and specifies in particular the safety objectives to be achieved.


We take every precaution to preserve the security of your data, in particular to prevent their disclosure to unauthorized third parties. As such, the controller puts all the necessary measures in place to secure its IT devices. In the event that your data is transferred to subcontractors (in particular for their hosting), the data controller shall ensure that they have a level of security that complies with the required standards and regulatory requirements.


Due to partial outsourcing of treatment, your data may be transferred outside the European Union. In this case, the controller shall ensure that the transfer complies with the legal framework: transfer to a country providing a sufficient level of protection, signature of contractual clauses issued by the European Commission or, for a service provider established in the United States, verification of its prior adherence to the “Privacy Shield” legal framework.



You need to send an email to customers@medicinalherbs.bioor a letter (with a copy of identity) to: OSTEORAMA - International Team - Personal Data Protection – 20- 22 WENLOCK ROAD N17GU LONDON UNITED KINGDOM

Modifying or deleting personal data will take place within a reasonable time period from the receipt of your request by our customer service.

The controller guarantees that your data can not be used for commercial purposes without your prior consent. In the event of a commercial solicitation, the controller guarantees you the right to oppose it later.

In accordance with the provisions of articles 38, 39 and 40 of the law of 6 January 1978 relating to computing, files and freedoms, you have the right to access, rectify and delete your data, as well as a right to oppose their treatment.

To do this, you must send an email to or a letter (with a copy of your identity) to: OSTEORAMA - International Team - Personal Data Protection – 20- 22 WENLOCK ROAD N17GU LONDON UNITED KINGDOM


Modifying or deleting personal data will take place within a reasonable time period from the receipt of your request by our customer service.

If you have expressed your refusal to receive the newsletter, you can then continue to make new orders on the site with the same identifiers, without receiving newsletters, unless you have requested.

By logging into your account, you can also modify, correct and update all the information contained in your account under "my account information".


Customer’s personal data is not kept beyond the time strictly necessary for the management of the commercial relation.

However, data enabling the establishment of proof of a right or a contract, or kept in compliance with a legal obligation, may be the subject of an intermediate archiving policy for a period that does not exceed the necessary for the purposes for which they are retained, in accordance with the provisions in force (in particular but not exclusively those provided by the Commercial Code, the Civil Code and the Consumer Code).

Customer data used for business purposes may be retained for a period of three years from the end of the business relationship (last purchase or last contact from the customer). Personal data relating to a non-client prospect may be retained for a period of three years from collection of data or the most recent contact from the prospect (for example, a request for documentation or clicking on a hypertext link contained in an email).

At the end of this three-year period, the data controller will be able to contact the data subject to find out whether he/she wishes to continue receiving commercial solicitations. In the absence of a positive and explicit response from the client, the data will be deleted or archived in accordance with the provisions in force, and in particular those provided by the Commercial Code, the Civil Code and the Consumer Code.

In case of exercise of the right of access or rectification, the data relating to identity documents may be kept for the period provided for in Article 9 of the Code of Criminal Procedure (one year).


In case of exercise of the right of opposition, these data may be archived during the limitation period provided for in Article 8 of the Code of Criminal Procedure (i.e. three years).

The data relating to bank cards are deleted once the transaction is completed, as soon as payment is successful.

In the case of payment by card, the card number and the expiry date can be conserved for proof, in case of dispute of the transaction, in intermediary archives, for the duration provided for by Article L. 133-24 of the Monetary and Financial Code, in this case thirteen months following the debit date. These data will be used only in case of dispute of the transaction. The data kept for this purpose are the subject of security measures, as described in article 8 of this standard and in article 5 of resolution 2013-358 of 14th November 2013 referred to above.

In order to facilitate the payment of regular customers, the data relating to bank cards can be kept longer, subject to obtaining the customer’s consent, previously informed of the aim pursued. The retention period can not then exceed the time necessary to fulfill the purpose for which the processing is to be carried out. The data relating to the security code are not to be kept beyond the time necessary to complete each transaction, including in case of successive payments or retention of the card number for subsequent purchases.

When the expiry date of the bank card is reached, the related data must be deleted.

Regarding the audience measurement statistics, the information stored in the user terminal (cookies), or any other method used to identify or trace, is not kept for more than 13 months.


If you have any questions or comments regarding the Personal Data Policy or how the data controller proceeds to the collection and use of your personal data, you can send an email to the following address:

If, despite all our efforts, you feel that your rights have not been respected, know that you have the opportunity to seize the ICO and take a look at your rights:

You can request your personal data by filling this form.

I also consent to having Medicinalherbs collect my email so that they can send me my requested info. For more info check our privacy policy where you'll get more info on where, how and why we store your data.